Browse Prior Art Database

The MD2 Message-Digest Algorithm (RFC1319)

IP.com Disclosure Number: IPCOM000002140D
Original Publication Date: 1992-Apr-01
Included in the Prior Art Database: 2000-Sep-12
Document File: 14 page(s) / 23K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

B. Kaliski: AUTHOR

Abstract

Status of this Memo

This text was extracted from a ASCII Text document.
This is the abbreviated version, containing approximately 13% of the total text.

Network Working Group B. Kaliski

Request for Comments: 1319 RSA Laboratories

Updates: RFC 1115 April 1992

The MD2 Message-Digest Algorithm

Status of this Memo

This memo provides information for the Internet community. It does

not specify an Internet standard. Distribution of this memo is

unlimited.

Acknowlegements

The description of MD2 is based on material prepared by John Linn and

Ron Rivest. Their permission to incorporate that material is greatly

appreciated.

Table of Contents

1. Executive Summary 1

2. Terminology and Notation 2

3. MD2 Algorithm Description 2

4. Summary 4

References 5

APPENDIX A - Reference Implementation 5

Security Considerations 17

Author's Address 17

1. Executive Summary

This document describes the MD2 message-digest algorithm. The

algorithm takes as input a message of arbitrary length and produces

as output a 128-bit "fingerprint" or "message digest" of the input.

It is conjectured that it is computationally infeasible to produce

two messages having the same message digest, or to produce any

message having a given prespecified target message digest. The MD2

algorithm is intended for digital signature applications, where a

large file must be "compressed" in a secure manner before being

signed with a private (secret) key under a public-key cryptosystem

such as RSA.

License to use MD2 is granted for non-commerical Internet Privacy-

Enhanced Mail [1-3].

This document is an update to the August 1989 RFC 1115 [3], which

also gives a reference implementation of MD2. The main differences

are that a textual description of MD2 is included, and that the

reference implementation of MD2 is more portable.

For OSI-based applications, MD2's object identifier is

md2 OBJECT IDENTIFIER ::=

iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 2}

In the X.509 type AlgorithmIdentifier [4], the parameters for MD2

should have type NULL.

2. Terminology and Notation

In this document, a "byte" is an eight-bit quantity.

Let x_i denote "x sub i". If the subscript is an expression, we

surround it in braces, as in x_{i+1}. Similarly, we use ^ for

superscripts (exponentiation), so that x^i denotes x to the i-th

power.

Let X xor Y denote the bit-wise XOR of X and Y.

3. MD2 Algorithm Description

We begin by supposing that we have a b-byte message as input, and

that we wish to find its message digest. Here b is an arbitrary

nonnegative integer; b may be zero, and it may be arbi...